Esempio n. 1
0
 function setAjaxStubContext()
 {
     $GLOBALS["stub_context"] = KT_Rel2AbsUrl(KT_getUri(), "", $this->file_name, true);
     if (isset($_SERVER['QUERY_STRING']) && $_SERVER['QUERY_STRING'] != "") {
         $GLOBALS["stub_context"] .= "?" . $_SERVER['QUERY_STRING'];
     }
 }
Esempio n. 2
0
/** 
 * Add these fields/values to transaction: kt_login_user, kt_login_password, kt_login_page, kt_login_redirect;
 * Register the trigger Trigger_ForgotPassword_RemoveDynamicFields on ERROR
 * @param object tNG transaction object
 * @return nothing
 * @access public
 */
function Trigger_ForgotPassword_AddDynamicFields(&$tNG)
{
    $tNG->addColumn("kt_login_user", "STRING_TYPE", "VALUE", $tNG->kt_login_user);
    $tNG->addColumn("kt_login_password", "STRING_TYPE", "VALUE", $tNG->kt_login_password);
    $tmpRelPath = KT_makeIncludedURL($tNG->dispatcher->relPath);
    $login_page = KT_Rel2AbsUrl(KT_getUri(), $tmpRelPath, $GLOBALS['tNG_login_config']['login_page'], true);
    $tNG->addColumn("kt_login_page", "STRING_TYPE", "VALUE", $login_page);
    $redirect_page = KT_addReplaceParam($tmpRelPath . $GLOBALS['tNG_login_config']['login_page'], "info", "FORGOT");
    $tNG->addColumn("kt_login_redirect", "STRING_TYPE", "VALUE", $redirect_page);
    $tNG->registerTrigger("ERROR", "Trigger_ForgotPassword_RemoveDynamicFields", -100);
    return null;
}
Esempio n. 3
0
/**
* Known bugs:
* 	1. URL contains \" or \'
*	2. URL contains inside "simple quotes" or 'double quotes' will be removed
*/
function KT_transformsPaths($templateUrl, $text, $makeAbsolut)
{
    if ($templateUrl == "./") {
        $templateUrl = "";
    }
    $scriptUrl = KT_getUri();
    preg_match_all('/<(a|img|link|script|form|iframe|embed|applet)([^>]*)>/ims', $text, $matches);
    foreach ($matches[2] as $key => $value) {
        preg_match('/\\s(href|src|action|codebase|archive)\\s*=\\s*(("((\\\\"|[^"])+)")|(\'((\\\\\'|[^\'])+)\')|([^\\s]+))?/ims', $value, $mmatch);
        if (isset($mmatch[2])) {
            if (preg_match("/\\s*mailto\\s*:/ims", $mmatch[2])) {
                continue;
            }
            $mydelim = '';
            if (substr($mmatch[2], 0, 1) == '\'' || substr($mmatch[2], 0, 1) == '"') {
                $mydelim = substr($mmatch[2], 0, 1);
                $mmatch[2] = substr($mmatch[2], 1, -1);
            }
            if (!($mmatch[1] == 'href' && strpos($mmatch[2], 'javascript:') === 0) && !($mmatch[1] == 'href' && strpos($mmatch[2], '#') === 0) && !($mmatch[1] == 'href' && strpos($mmatch[2], 'mailto:') === 0) && !($mmatch[1] == 'action' && $mmatch[2] == "")) {
                $text = preg_replace("/" . $mmatch[1] . "\\s*=\\s*" . preg_quote($mydelim . $mmatch[2] . $mydelim, "/") . "/ims", $mmatch[1] . '="' . KT_Rel2AbsUrl($scriptUrl, $templateUrl, $mmatch[2], $makeAbsolut) . '"', $text);
            }
        }
    }
    preg_match_all('/<input([^>]*)>/ims', $text, $matches);
    foreach ($matches[1] as $key => $value) {
        $sub_text = preg_replace('/\\svalue\\s*=\\s*(("((\\\\")+|[^"]+)")|(\'((\\\\\')+|[^\']+)\')|([^\\s]+))?/ims', '', $value);
        preg_match('/\\ssrc\\s*=\\s*(("((\\\\"|[^"])+)")|(\'((\\\\\'|[^\'])+)\')|([^\\s]+))?/ims', $sub_text, $mmatch);
        if (isset($mmatch[1])) {
            $mydelim = '';
            if (substr($mmatch[1], 0, 1) == '\'' || substr($mmatch[1], 0, 1) == '"') {
                $mydelim = substr($mmatch[1], 0, 1);
                $mmatch[1] = substr($mmatch[1], 1, -1);
            }
            $text = preg_replace("/src\\s*=\\s*" . preg_quote($mydelim . $mmatch[1] . $mydelim, "/") . "/ims", 'src="' . KT_Rel2AbsUrl($scriptUrl, $templateUrl, $mmatch[1], $makeAbsolut) . '"', $text);
        }
    }
    preg_match_all('/<param\\s+name=(\'|")(movie|src|fileName)(\'|")([^>]*)>/ims', $text, $matches);
    foreach ($matches[4] as $key => $value) {
        preg_match('/\\s(value)\\s*=\\s*(("((\\\\"|[^"])+)")|(\'((\\\\\'|[^\'])+)\')|([^\\s]+))?/ims', $value, $mmatch);
        if (isset($mmatch[2])) {
            $mydelim = '';
            if (substr($mmatch[2], 0, 1) == '\'' || substr($mmatch[2], 0, 1) == '"') {
                $mydelim = substr($mmatch[2], 0, 1);
                $mmatch[2] = substr($mmatch[2], 1, -1);
            }
            $text = preg_replace("/" . $mmatch[1] . "\\s*=\\s*" . preg_quote($mydelim . $mmatch[2] . $mydelim, "/") . "/ims", $mmatch[1] . '="' . KT_Rel2AbsUrl($scriptUrl, $templateUrl, $mmatch[2], $makeAbsolut) . '"', $text);
        }
    }
    if (preg_match("/UNI_navigateCancel/i", $text)) {
        preg_match_all("/UNI_navigateCancel\\(event, '([\\.\\/]*includes\\/nxt\\/back.php)'\\)/ims", $text, $matches);
        foreach ($matches[1] as $key => $value) {
            $text = str_replace($value, KT_Rel2AbsUrl($scriptUrl, $templateUrl, $value, $makeAbsolut), $text);
        }
    }
    if (preg_match("/NEXT_ROOT=/i", $text)) {
        preg_match_all("/NEXT_ROOT=\"([^\"]*)\"/ims", $text, $matches);
        foreach ($matches[1] as $key => $value) {
            $text = str_replace($value, KT_Rel2AbsUrl($scriptUrl, $templateUrl, $value, $makeAbsolut), $text);
        }
    }
    if (preg_match('/\\$MXW_relPath\\s=\\s/i', $text)) {
        preg_match_all('/\\$MXW_relPath\\s=\\s\'([^\']*)\';/is', $text, $matches);
        foreach ($matches[1] as $key => $value) {
            $text = str_replace('$MXW_relPath = \'' . $value . '\';', '$MXW_relPath = \'' . KT_Rel2AbsUrl($scriptUrl, $templateUrl, $value, $makeAbsolut) . '\';', $text);
        }
    }
    if (preg_match("/\"path\": \".*includes\\/ktm\\/\",/i", $text)) {
        preg_match_all("/\"path\": \"(.*includes\\/ktm\\/)\",/ims", $text, $matches);
        foreach ($matches[1] as $key => $value) {
            $text = preg_replace("/\"path\": \"" . preg_quote($value, "/") . "\"/ims", "\"path\": \"" . KT_Rel2AbsUrl($scriptUrl, $templateUrl, $value, $makeAbsolut) . "\"", $text);
        }
    }
    return $text;
}